Migrate 013-quarkus-oidc-restlcient to Keycloak 25

013-quarkus-oidc-restclient/pom.xml

@@ -41,8 +41,8 @@
             <artifactId>keycloak-authz-client</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.testcontainers</groupId>
-            <artifactId>testcontainers</artifactId>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-test-keycloak-server</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -66,6 +66,26 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>${surefire-plugin.version}</version>
+                <configuration>
+                    <systemPropertyVariables>
+                        <keycloak.version>25.0.6</keycloak.version>
+                        <keycloak.use.https>false</keycloak.use.https>
+                    </systemPropertyVariables>
+                </configuration>
+            </plugin>
+            <plugin>
+                <artifactId>maven-failsafe-plugin</artifactId>
+                <version>${surefire-plugin.version}</version>
+                <configuration>
+                    <systemPropertyVariables>
+                        <keycloak.version>25.0.6</keycloak.version>
+                        <keycloak.use.https>false</keycloak.use.https>
+                    </systemPropertyVariables>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
     <profiles>

013-quarkus-oidc-restclient/src/main/java/io/quarkus/qe/ping/clients/LookupAuthorizationPongClient.java

@@ -68,6 +68,6 @@ default String lookupAuth() {
                 Collections.singletonMap("secret", clientSecret),
                 HttpClients.createDefault()));
 
-        return "Bearer " + authzClient.obtainAccessToken("test-user", "test-user").getToken();
+        return "Bearer " + authzClient.obtainAccessToken("alice", "alice").getToken();
     }
 }

013-quarkus-oidc-restclient/src/main/resources/application.properties

@@ -2,9 +2,10 @@
 quarkus.http.port=8081
 
 # Security
-quarkus.oidc.auth-server-url=http://localhost:8180/auth/realms/test-realm
-quarkus.oidc.client-id=test-application-client
-quarkus.oidc.credentials.secret=test-application-client-secret
+# keycloak.url is set by KeycloakTestResourceLifecycleManager
+quarkus.oidc.auth-server-url=${keycloak.url:replaced-by-test-resource}/realms/quarkus/
+quarkus.oidc.client-id=quarkus-service-app
+quarkus.oidc.credentials.secret=secret
 
 quarkus.http.auth.permission.unsecured.paths=/generate-token/*
 quarkus.http.auth.permission.unsecured.policy=permit
@@ -15,16 +16,16 @@ org.eclipse.microprofile.rest.client.propagateHeaders=Authorization
 
 # OIDC Client Configuration
 quarkus.oidc-client.auth-server-url=${quarkus.oidc.auth-server-url}
-quarkus.oidc-client.client-id=test-application-client
-quarkus.oidc-client.credentials.secret=test-application-client-secret
+quarkus.oidc-client.client-id=${quarkus.oidc.client-id}
+quarkus.oidc-client.credentials.secret=${quarkus.oidc.credentials.secret}
 
 ## Normal User Password
 quarkus.oidc-client.test-user.auth-server-url=${quarkus.oidc.auth-server-url}
-quarkus.oidc-client.test-user.client-id=test-application-client
-quarkus.oidc-client.test-user.credentials.secret=test-application-client-secret
+quarkus.oidc-client.test-user.client-id=${quarkus.oidc.client-id}
+quarkus.oidc-client.test-user.credentials.secret=${quarkus.oidc.credentials.secret}
 quarkus.oidc-client.test-user.grant.type=password
-quarkus.oidc-client.test-user.grant-options.password.username=test-user
-quarkus.oidc-client.test-user.grant-options.password.password=test-user
+quarkus.oidc-client.test-user.grant-options.password.username=alice
+quarkus.oidc-client.test-user.grant-options.password.password=alice
 
 # RestClient
 io.quarkus.qe.ping.clients.PongClient/mp-rest/url=http://localhost:8081

013-quarkus-oidc-restclient/src/test/java/io/quarkus/qe/AbstractPingPongResourceTest.java

@@ -1,47 +1,26 @@
 package io.quarkus.qe;
 
 import static io.restassured.RestAssured.given;
-import static io.restassured.config.HttpClientConfig.httpClientConfig;
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.is;
 
 import java.util.UUID;
 
 import org.apache.http.HttpStatus;
-import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.keycloak.authorization.client.AuthzClient;
 
-import io.quarkus.qe.containers.KeycloakTestResource;
 import io.quarkus.qe.model.Score;
-import io.quarkus.test.common.TestResourceScope;
-import io.quarkus.test.common.WithTestResource;
-import io.restassured.RestAssured;
-import io.restassured.config.RestAssuredConfig;
+import io.quarkus.test.common.QuarkusTestResource;
+import io.quarkus.test.keycloak.server.KeycloakTestResourceLifecycleManager;
 import io.restassured.http.ContentType;
 
-@WithTestResource(value = KeycloakTestResource.class, scope = TestResourceScope.MATCHING_RESOURCES)
+@QuarkusTestResource(value = KeycloakTestResourceLifecycleManager.class)
 public abstract class AbstractPingPongResourceTest {
 
     private static final String PING_ENDPOINT = "/%s-ping";
     private static final String PONG_ENDPOINT = "/%s-pong";
-    private static final String USER = "test-user";
     private static final String WRONG_TOKEN = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
 
-    private static final String HTTP_SOCKET_TIMEOUT_PROPERTY = "http.socket.timeout";
-    private static final String HTTP_CONNECTION_TIMEOUT_PROPERTY = "http.connection.timeout";
-    private static final int TIMEOUT_IN_SECONDS = 1000;
-
-    AuthzClient authzClient;
-
-    @BeforeEach
-    public void setup() {
-        RestAssured.config = RestAssuredConfig.config()
-                .httpClient(httpClientConfig()
-                        .setParam(HTTP_SOCKET_TIMEOUT_PROPERTY, TIMEOUT_IN_SECONDS)
-                        .setParam(HTTP_CONNECTION_TIMEOUT_PROPERTY, TIMEOUT_IN_SECONDS));
-    }
-
     @Test
     public void testPingUnauthorized() {
         given()
@@ -152,6 +131,6 @@ protected String pongEndpoint() {
     }
 
     private String createToken() {
-        return authzClient.obtainAccessToken(USER, USER).getToken();
+        return KeycloakTestResourceLifecycleManager.getAccessToken("alice");
     }
 }

013-quarkus-oidc-restclient/src/test/java/io/quarkus/qe/secured/SecuredResourceTest.java

@@ -6,8 +6,11 @@
 import org.apache.http.HttpStatus;
 import org.junit.jupiter.api.Test;
 
+import io.quarkus.test.common.QuarkusTestResource;
 import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.keycloak.server.KeycloakTestResourceLifecycleManager;
 
+@QuarkusTestResource(value = KeycloakTestResourceLifecycleManager.class)
 @QuarkusTest
 public class SecuredResourceTest {
 
@@ -38,7 +41,7 @@ private String getClaimsFromToken() {
     }
 
     private String getClaimsInstancesFromPath(String path) {
-        String token = given().when().get("/generate-token/test-user").then().statusCode(200).extract().asString();
+        String token = KeycloakTestResourceLifecycleManager.getAccessToken("alice");
 
         return given()
                 .auth().preemptive().oauth2(token)

304-quarkus-vertx-routes/src/main/java/io/quarkus/qe/validation/ValidationOnResponseRouteHandler.java

@@ -6,7 +6,6 @@
 import io.smallrye.mutiny.Uni;
 
 import jakarta.validation.Valid;
-import jakarta.validation.constraints.Size;
 
 @RouteBase(path = "/validate")
 public class ValidationOnResponseRouteHandler {